COMPLY – OR PAY THE PRICE…

The drive to BYOD (Bring Your Own Device) in the workplace has obvious advantages for employees and employers alike.

On the one hand, familiarity with their favoured mobile device tends to keep the employee happy. (And, according to an increasing number of studies, also improves productivity.) On the other, corporations benefit from reduced CAPEX costs as the need to supply workers with high-spec communications equipment is significantly reduced.

All well and good…

But the switch to BYOD (and, indeed, use of COPE devices) creates a regulatory minefield in terms of a company’s communications’ procedures and compliance obligations:

If a corporation tries to monitor / record all communications on the employees’ mobile device they are, in effect, breaching his or her right to privacy.

Conversely, if their tracking systems are geared to landline and email communications only, a huge cache of data is likely to be missed in any audit trail. (Like it or not, the use of personal mobile devices for work purposes is today’s reality – inside and outside the physical office environment.)

And finally, of course, some of the most popular consumer chat brands can’t be effectively monitored or recorded.

It’s already a complex problem for financial institutions and one that is going to become more acute when MiFID II comes into force in January 2018.

Fortunately, VENNCOMM TALK® has been specifically developed to provide a simple, cost-effective solution that protects corporate concerns and every individual’s right to privacy in equal measure.

Audit & Analytics

– Their Growing Importance

One of the key implications of MiFID II is that organisations will need to prove that they have robust compliance procedures in place at all times, rather than reacting to specific incidents of (potential) compliance abuse. And although most companies have well-established audit programmes when it comes to fixed-line recordings and email capture, multi-media mobile – particularly on a BYOD basis - is more complex

The VENNCOMM Solution

VENNCOMM TALK® is the super-fast, multi-functional, OTT corporate dialling and chat app that gives companies complete control of their compliance procedures, MDM programmes and BYOD/COPE policies.

The app allows the import of a dedicated business number (and support suite) on an employee’s personal device, providing a clear divide between commercial and private use of the same phone. With automatic recording and retrieval of all work calls and chats, VC-TALK improves communications’ efficiencies whilst ensuring that organisations can meet regulatory compliance checks with the minimum of fuss.

MiFID II versus GDPR

– the Catch 22 of the FS Sector

In Joseph Heller’s war-time satire, ‘Catch 22’, US pilots could be excused combat missions if they could prove they were insane and therefore unfit to fly. Unfortunately, according to the medical authorities judging the cases, if a pilot pleaded insanity in order to avoid duty, it actually proved they were thinking logically and should therefore be returned to the front line. ‘Catch 22’ in the military rule-book!

MiFID II

– Key Changes & Implications

MiFID II, which comes into effect in January 2018, strengthens and extends existing marketplace legislation. FS providers will not only need to react to cases of (potential) malpractice, but also implement procedures and communications’ audit trails that reduce the risk of such occurrences in the first place. In addition, the collation of data has been broadened to include all communications relating to actual and potential transactions. And – not surprisingly – the penalties for non-compliance will be severe!

It's time to talk!

For enquiries, call 03450 582313 now or send us a message below

One of the key implications of MiFID II is that organisations will need to prove that they have robust compliance procedures in place at all times, rather than reacting to specific incidents of (potential) compliance abuse. And although most companies have well-established audit programmes when it comes to fixed-line recordings and email capture, multi-media mobile – particularly on a BYOD basis - is more complex.

Again, this is an area where VENNCOMM TALK® can really help. Utilising the app as part of your on-going compliance programme shows that you are taking a proactive approach to Mobile Device Management and the implications of BYOD in the workplace. The app not only allows all work-related calls and messages to be recorded and retained as required by MiFID II, it does so in a way that respects the GDPR-protected privacy of the phone’s user. That’s two regulatory requirements ticked as one.

And if there is ever a need to retrieve data for external examination, our VENNCOMM Compliance Pack takes the pain out of the process too. Here again, we are among the leaders in this field, developing store, search and instant access systems that allow organisations to answer the key questions of who said what to whom and when. (Please click here for more information on the accuracy of our date downloads.)Capture & ComplianceSingle voice and multi-channel captureVoice recognition (who said what to whom and when)Immediate voice transcripts (and translations)Chat as well as Voice/SMS captureKey-word search and alertsInstant retrieval to meet statutory requirements on both sides of the AtlanticIntegration with other capture channels to provide single, ‘normalised view’ for internal auditors and external examiners

VENNCOMM TALK® is the super-fast, multi-functional, OTT corporate dialling and chat app that gives companies complete control of their compliance procedures, MDM programmes and BYOD/COPE policies.

The app allows the import of a dedicated business number (and support suite) on an employee’s personal device, providing a clear divide between commercial and private use of the same phone. With automatic recording and retrieval of all work calls and chats, VC-TALK improves communications’ efficiencies whilst ensuring that organisations can meet regulatory compliance checks with the minimum of fuss.

In Joseph Heller’s war-time satire, ‘Catch 22’, US pilots could be excused combat missions if they could prove they were insane and therefore unfit to fly. Unfortunately, according to the medical authorities judging the cases, if a pilot pleaded insanity in order to avoid duty, it actually proved they were thinking logically and should therefore be returned to the front line. ‘Catch 22’ in the military rule-book!

Over time, the term has become a catch-phrase to identify paradoxical situations from which an individual or organisation cannot escape because of mutually contradictory rules. And, with the advent of tougher compliance and personal privacy legislation on the horizon, something similar seems to be happening in the financial services sector.

In fact, in January 2018, all financial firms will need to comply with one of the broadest pieces of financial industry legislation ever - MiFID II. Article 16 of the Directive imposes broad changes on the need to record mobile conversations, with recent FCA guidance inferring that all work-related mobile conversations linked to actual or potential transactions must be monitored and retained in a durable, unalterable format.

FS providers who haven’t acted already, must now urgently implement technology solutions that meet MiFID II requirements. Combined with the drive to BYOD (Bring Your Own Device) in the workplace, this is creating a real sense of urgency as the deadline approaches.

At the same time, however, this situation is being complicated by conflicting GDPR regulation (due in May 2018) that mandates that firms are prohibited from recording and storing their employees’ personal communications.

And this is the Catch 22 for FS providers - the need to record all conversations about actual and potential transactions (mobile or otherwise) versus the need to protect the personal privacy of the employee.

Fortunately, VENNCOMM TALK® is in prime position to solve this conundrum. Specially developed as a super-fast, multi-function corporate dialing and chat app, it allows the import of a dedicated business number (and support suite) on an employee’s personal device, providing a clear divide between commercial and private use of the same phone. With automatic recording and retrieval of work calls and chats only, VC-TALK protects an individual’s privacy whilst ensuring that organisations can meet regulatory compliance checks with the minimum of fuss.

Catch 22 resolved!

And if that’s the sort of smart solution that would benefit your organisation, maybe we should talk? Call 03450 582313 today and put procedures in place before it’s too late.

MiFID II, which comes into effect in January 2018, strengthens and extends existing marketplace legislation. FS providers will not only need to react to cases of (potential) malpractice, but also implement procedures and communications’ audit trails that reduce the risk of such occurrences in the first place. In addition, the collation of data has been broadened to include all communications relating to actual and potential transactions. And – not surprisingly – the penalties for non-compliance will be severe!

Content & Catchment: Under the revised Directive, recordings must be made of any communications linked to an actual or potential trade. This means that advisory conversations as well as actual deals are now covered by the legislation. In effect, anyone involved in the ‘advice chain’ connected to an actual or putative transaction should now have their communications recorded and retained.

Retention: The new Directive stipulates that all data records must be retained in a durable medium such as hard-copy, email, fax or audible recordings of telephone conversations and/or face-to-face meetings. Firms will be held responsible for the quality and completeness of their data caches, ensuring that they are made available to regulatory authorities as required. (Typically within 72-hours.)

Duration: Previously held for six months, data must now be retained for a mandatory period of five years rising to a term of seven years if so requested by the relevant marketplace authority.

Audit & Review: Under the new Directive, organisations not only have to record and retain communications’ data as described but undertake regular reviews to ensure on-going compliance. In essence, this means that FS providers have to prove they have effective procedures in place at all times, rather than reacting to specific incidents of potential compliance abuse. (This is one of the most important implications of MiFID II, reversing the current ‘burden of proof’ equation. Rather than regulators needing to find evidence of malpractice, financial entities must demonstrate (a) their innocence if challenged, and (b) that they have the ability to safeguard against such non-compliance incidents in the first place. And this increased onus on proactivity by FS providers goes well beyond ‘management by policy’ alone. Under MiFID II, such corporate guidelines have to be supported by employee training and the introduction of technologies that ensure clear and comprehensive capture of all electronic data relating to actual or potential transactions - including those made on mobile devices! (And as a footnote to the above, if shortcomings in data collation and retention procedures are apparent, companies must also retain records of such shortcomings and remedies for a further five years.)

Personal / Work Use Overlap: Under MiFID II’s strengthened Directive, financial institutions must ban the work-related use of (consumer-facing) communications channels that cannot be recorded – for example, WhatsApp, WeChat, iMessage and similar. On a related note, employees are also prohibited from ‘advertising’ their personal mobile numbers in a work-related context. (While such measures may be sensible and necessary in compliance terms, they are extremely difficult to police by policy guidelines alone. And for companies looking to benefit from the cost-savings and convenience of BYOD adoption, such restrictions create a real headache on economic and employee-satisfaction grounds.)

Reporting: Organisations must be able to supply regulatory authorities with accurate, comprehensive and clearly indexed data on specific trades and/or time-frames in an accessible medium on request. (Typically within 72 hours.) And of course, like its predecessor, MiFID II applies on an EU-wide basis, putting the onus on financial institutions to comply in all territories where they operate – whether that requires a complex, multimarket, multi-vendor solution or not.

One of the key implications of MiFID II is that organisations will need to prove that they have robust compliance procedures in place at all times, rather than reacting to specific incidents of (potential) compliance abuse. And although most companies have well-established audit programmes when it comes to fixed-line recordings and email capture, multi-media mobile – particularly on a BYOD basis - is more complex.

Again, this is an area where VENNCOMM TALK® can really help. Utilising the app as part of your on-going compliance programme shows that you are taking a proactive approach to Mobile Device Management and the implications of BYOD in the workplace. The app not only allows all work-related calls and messages to be recorded and retained as required by MiFID II, it does so in a way that respects the GDPR-protected privacy of the phone’s user. That’s two regulatory requirements ticked as one.

And if there is ever a need to retrieve data for external examination, our VENNCOMM Compliance Pack takes the pain out of the process too. Here again, we are among the leaders in this field, developing store, search and instant access systems that allow organisations to answer the key questions of who said what to whom and when. (Please click here for more information on the accuracy of our date downloads.)Capture & ComplianceSingle voice and multi-channel captureVoice recognition (who said what to whom and when)Immediate voice transcripts (and translations)Chat as well as Voice/SMS captureKey-word search and alertsInstant retrieval to meet statutory requirements on both sides of the AtlanticIntegration with other capture channels to provide single, ‘normalised view’ for internal auditors and external examiners

If a compliance issue should ever arise, it’s likely that the regulatory authority involved will base its initial investigation around four key ‘Ws’… “Who said What to Whom and When…”

And this is where VENNCOMM TALK® has significant advantages over the recording contracts offered by mobile network providers.

Firstly, most network providers provide their data downloads on a delayed overnight or next-day basis and this can be problematic when authorities require an immediate response. In contrast, VENNCOMM TALK® data capture is undertaken on a real-time basis which ensures instant access to requested files. (And if a compliance issue is ‘live’, it also allows client users to submit key-word alerts to contain any problem before it spreads.)

But just as important as speed, is the accuracy of the data cache itself. In mobile network recording, the download is simply an audio file of the complete call. This can be a problem as there isn’t a clear record of who was speaking at what time when converting data from speech to text for monitoring or search purposes. Even worse, if two people were speaking at the same time, or a microphone was picking up background noise, this would also affect the quality of the speech to text processing.

In the VC-TALK platform, each inbound voice channel is a separate feed into the system and the speech to text transcript is therefore performed on each channel independently. This leads to considerably higher transcription accuracy and full knowledge of who said what to whom and when. (Compare this to a network recording where the subject of a conversation might be captured but not the identity of the speakers. Similarly, if an individual drops off a conference call to re-join later, there would be confusion as to which part of the call he or she was privy to.)

And the recording infrastructure is totally customisable according to client need – including cloud, on-premise and multiple recording per call based on regulatory requirements and existing data-capture programmes.

If and when compliance authorities initiate an investigation, they have little time or sympathy for technical issues faced by the organisation being scrutinised. Our VENNCOMM Compliance Pack, faces this reality head on, ensuring that clear and comprehensive records of a transaction or particular time-frame can be provided as requested.